Thank you for visiting Cyber Matters. In this blog we aim to discuss issues relating to cyber security, with brief articles, that don’t get carried away with too much technical detail.
We operate in an industry in which there is a lot of over hyped nonsense discussed, as well as some really important issues. In Cyber Matters we aim to cut through this and get straight to the point in an easy to understand way. Our bloggers are free to talk about any area relating to Cyber Security, Computer Security, Information Security or what ever term you prefer to use.
We welcome your views – please contribute to the discussion by way of comments on our articles.
- Can you trust your handset?
- Does Two Factor Authentication Actually Weaken Security?
- The Secure Internet of Things
- What Google IoT OS means for your privacy?
- Flexibility should come as standard in Information Exchange Gateways
- The Secure Internet of Things - The Internet of Things (IoT) is big news at the moment, being used as a title for just about everything that interacts with the internet, be it man or machine. In some areas the commentary is just starting to recognise that security and privacy are issues. And as you expect, various players are putting forward […]
- Flexibility should come as standard in Information Exchange Gateways - In my role as a Solution Architect regular readers of this blog will know that this year I’ve been heavily involved in Information Exchange Gateways. I was recently over in Brussels at the European Defence Agency (EDA) headquarters to deliver a final presentation on the IEG work we have done for them. Possibly the biggest […]
- Deploying Information Exchange Gateway solutions - With the current interest in Information Exchange Gateways (IEGs), I wanted to update you on the work that we have been doing with the European Defence Agency over the last year or so.
- Cyber Threat Glossary – By Example - As more and more people talk about security, I hear the terms threat, vulnerability, mitigation and risk used. Often in what I believe is the wrong context. There are lots of attempts to define the terms, write taxonomies etc. There is little point in duplicating this, however, here is how I think about the terms…
- No, Shellshock does not defeat SELinux - A week is a long time in Cyber Security. These past few weeks you may have heard about the latest ‘big vulnerability’, dubbed ShellShock. If you haven’t, or want more information on it, I direct you to the best authority I know: Wikipedia.
- Diodes are Diodes, Guards are Guards - Over the last 3-5 years Data Diodes have grown in popularity as a solution for moving data between isolated networks. With this has come creative marketing to leverage the term ‘Diode’ for solutions that are anything but. Let’s just take a few moments to revise some of the fundamental modes of secure information exchange.
- Changing 40+ Passwords: Thanks Heartbleed - Following the Heartbleed revelations, the security advice from the great and good was to change all passwords. To support World Password Day, I changed over 40 other them – quite an interesting exercise. Alarmingly, it appears I am still vulnerable.
- A Brief Introduction into Threat Analysis - The purpose of this blog piece is to introduce the concept of threat analysis, what it is and why it’s a good idea, while at the same time present a simple and effective way to try it yourself. It is part of a blog series on the development approach at Nexor.
- Prehistory of LDAP - It all started in the basement of the Computer Science department of University College London in about 1988. I was working alongside Paul Sharpe of then of GEC, who was working on user agents on the Thorn project.